6

Update: It has been confirmed with Namecheap that their DNS is incompatible with Google Apps for Domains DKIM keys

https://twitter.com/Namecheap/status/720940172196581376

There is no ETA on when or even if they will have it fixed.

I signed up for Google Apps for Domain recently and am trying to setup DKIM for gmail/email. The Google Apps interface only has a "Generate new record" button

gmail dkim ux

Clicking "Generate new record" only has one option, what prefix

options dkim

namecheap's UX allows me to paste the entire record in (see it ends in AB)

ends in ab

but once it's saved checking it's been truncated to 256 characters.

truncated

Talking with customer service this is a limit of namecheap.

I don't see any other options in Google Apps->GMail to get a smaller key.

Is there some workaround or does this means Namecheap is incompatible with Google Apps Gmail DKIM?

Community
  • 1

2 Answers2

7

I ran into this same issue, as I also preferred to use the longer key length of 2048 bits on Namecheap, but couldn't due to Namecheap's field length limitation for TXT records. I checked Google Apps today (May 16th 2016) and now I see an option for a shorter key length, 1024 bits, which seems to fit into the shorter Namecheap field length for TXT records.

Google Apps - Generate new record with 1024 bit key length option

user1652110
  • 186
3

The Google Apps DKIM key is 2048 bit, so it doesn't fit in the TXT value field on NameCheap DNS.

There is a workaround for this without the need to change your DNS servers for the domain. Here is the step-by-step procedure: https://www.youtube.com/watch?v=YMm7EQ3AmWw

The steps explained in the video tutorial are:

  1. Generate the long 2048 bit DKIM in Google Apps
  2. Find a DNS service that support long TXT values (you will still be able to keep your previous DNS. We need this for the DKIM only)
  3. Create a subdomain on the new DNS and add your DKIM key to the TXT field
  4. Now on your previous DNS, add a CNAME instead of TXT record that will lead to the new DNS service, using the same DKIM hostname (ex. google._domainkey)
  5. Test that your implementation is working and active using DKIMCore or DKIM Key Checker (as these web apps support 2048 bit DKIM keys)
  6. If everything checks up correctly, active the DKIM Email Authentication on Google Apps
Vladimir Kochkovski
  • 31
  • 3